package com.jd.risk.bankorder.controller.privilege;

import org.apache.commons.lang.StringUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;

import com.jd.risk.bankorder.controller.BaseController;

@Controller
@RequestMapping("/privilege")
public class LoginController extends BaseController{

	
	@RequestMapping("/login")
	public String toLogin()
	{
		return "/privilege/login";
	}
	
	@RequestMapping("/doLogin")
	public String doLogin(String username , String password)
	{
		if(StringUtils.isBlank(username))
		{
			return "/login";
		}
		Subject subject = SecurityUtils.getSubject();
		UsernamePasswordToken token = new UsernamePasswordToken(username, password);
		token.setRememberMe(true);
		boolean flag = true;
		try {
			subject.login(token);
		} catch (AuthenticationException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
			flag = false;
		}
		if(flag)
		{
			return "redirect:/index.do";
		}else{
			return "/privilege/login";
		}
	}
	
	@RequestMapping("/unauthorized")
	public String toUnauthorized()
	{
		return "/privilege/unauthorized";
	}
	
	@RequestMapping("/logout")
	public String logout()
	{
		Subject subject = SecurityUtils.getSubject();
		subject.logout();
		return "redirect:/index.do";
	}
}
